ControlCase Infosec Private Limited (hereby referred as ControlCase Infosec) Code of Ethics stresses the importance of never compromising on our impartiality, independence and integrity. Creating awareness on this is an important part of ControlCase Infosec training programs for employees.
The organization ensures that none of its assignments will cause any conflict of interest which would hamper the impartial business practices of ControlCase Infosec.
To maintain impartiality in ControlCase Infosec activities, the organization follows these guidelines:
- Business relationships which pose an unacceptable threat to impartiality will not be pursued by ControlCase Infosec for certification assignments.
- ControlCase Infosec will not provide certification services to other certification bodies for their management systems.
- ControlCase Infosec will not certify a management system on which a client has received management-system consultancy or internal audits, where the relationship between the consultancy organization and ControlCase Infosec poses an unacceptable threat to the impartiality of the certification body.
- ControlCase Infosec will not outsource audits to management-system consultancy organizations.
- To ensure that there is no conflict of interest, personnel who have provided management-system consultancy, including those acting in a managerial capacity, are not used to take part in an audit or other certification activities if they have been involved in management-system consultancy with the client in question within two years following the end of the consultancy.
- ControlCase Infosec will consider taking appropriate action to respond to any threats to its impartiality that arise from the actions of other persons, bodies or organizations.
- All certification-body personnel, either internal or external and committees who could influence the certification activities, act impartially and do not allow commercial, financial or other pressures to compromise impartiality.
- All personnel, internal and external, are required to reveal any situation known to them that may present them or the certification body with a conflict of interest.
- ControlCase Infosec has formed a impartiality committee who will safeguard impartiality of certification services by conducting review checks on regular intervals and will update the results to Risk Steering Committee.
- ControlCase Infosec Impartiality committee have the right to inform accreditation bodies about the results in case of lack of seriousness presented by ControlCase.